66"""
77
88import binascii
9- import compiler
10- import httplib
119import logging
1210import re
1311import socket
1412import string
1513import struct
1614import time
1715import traceback
18- import urllib
19- import urllib2
20- import urlparse
2116
2217try :
2318 import websocket
@@ -125,6 +120,8 @@ class WebSocketException(Exception):
125120from lib .request .comparison import comparison
126121from lib .request .methodrequest import MethodRequest
127122from thirdparty .odict import OrderedDict
123+ from thirdparty .six .moves import http_client as _http_client
124+ from thirdparty .six .moves import urllib as _urllib
128125from thirdparty .socks .socks import ProxyError
129126
130127class Connect (object ):
@@ -279,13 +276,13 @@ def getPage(**kwargs):
279276 post = multipart
280277
281278 if chunked and post :
282- post = urllib .unquote (post )
279+ post = _urllib . parse .unquote (post )
283280 post = chunkSplitPostData (post )
284281
285282 websocket_ = url .lower ().startswith ("ws" )
286283
287- if not urlparse .urlsplit (url ).netloc :
288- url = urlparse .urljoin (conf .url , url )
284+ if not _urllib . parse .urlsplit (url ).netloc :
285+ url = _urllib . parse .urljoin (conf .url , url )
289286
290287 # flag to know if we are dealing with the same target host
291288 target = checkSameHost (url , conf .url )
@@ -306,7 +303,7 @@ def getPage(**kwargs):
306303 code = None
307304 status = None
308305
309- _ = urlparse .urlsplit (url )
306+ _ = _urllib . parse .urlsplit (url )
310307 requestMsg = u"HTTP request [#%d]:\r \n %s " % (threadData .lastRequestUID , method or (HTTPMETHOD .POST if post is not None else HTTPMETHOD .GET ))
311308 requestMsg += getUnicode (("%s%s" % (_ .path or "/" , ("?%s" % _ .query ) if _ .query else "" )) if not any ((refreshing , crawling , checking )) else url )
312309 responseMsg = u"HTTP response "
@@ -334,7 +331,7 @@ def getPage(**kwargs):
334331 pass
335332
336333 elif target :
337- if conf .forceSSL and urlparse .urlparse (url ).scheme != "https" :
334+ if conf .forceSSL and _urllib . parse .urlparse (url ).scheme != "https" :
338335 url = re .sub (r"(?i)\Ahttp:" , "https:" , url )
339336 url = re .sub (r"(?i):80/" , ":443/" , url )
340337
@@ -359,7 +356,7 @@ def getPage(**kwargs):
359356 url = "%s?%s" % (url , get )
360357 requestMsg += "?%s" % get
361358
362- requestMsg += " %s" % httplib .HTTPConnection ._http_vsn_str
359+ requestMsg += " %s" % _http_client .HTTPConnection ._http_vsn_str
363360
364361 # Prepare HTTP headers
365362 headers = forgeHeaders ({HTTP_HEADER .COOKIE : cookie , HTTP_HEADER .USER_AGENT : ua , HTTP_HEADER .REFERER : referer , HTTP_HEADER .HOST : host }, base = None if target else {})
@@ -453,7 +450,7 @@ class _(dict):
453450 req = MethodRequest (url , post , headers )
454451 req .set_method (method )
455452 elif url is not None :
456- req = urllib2 .Request (url , post , headers )
453+ req = _urllib . request .Request (url , post , headers )
457454 else :
458455 return None , None , None
459456
@@ -492,7 +489,7 @@ class _(dict):
492489 for char in (r"\r" , r"\n" ):
493490 cookie .value = re .sub (r"(%s)([^ \t])" % char , r"\g<1>\t\g<2>" , cookie .value )
494491
495- conn = urllib2 .urlopen (req )
492+ conn = _urllib . request .urlopen (req )
496493
497494 if not kb .authHeader and getRequestHeader (req , HTTP_HEADER .AUTHORIZATION ) and (conf .authType or "" ).lower () == AUTH_TYPE .BASIC .lower ():
498495 kb .authHeader = getRequestHeader (req , HTTP_HEADER .AUTHORIZATION )
@@ -548,7 +545,7 @@ class _(dict):
548545 if re .search (r"\Ahttps?://" , refresh , re .I ):
549546 url = refresh
550547 else :
551- url = urlparse .urljoin (url , refresh )
548+ url = _urllib . parse .urljoin (url , refresh )
552549
553550 threadData .lastRedirectMsg = (threadData .lastRequestUID , page )
554551 kwargs ["refreshing" ] = True
@@ -580,7 +577,7 @@ class _(dict):
580577 else :
581578 raise
582579
583- except urllib2 .HTTPError as ex :
580+ except _urllib . error .HTTPError as ex :
584581 page = None
585582 responseHeaders = None
586583
@@ -629,18 +626,18 @@ class _(dict):
629626 logger .log (CUSTOM_LOGGING .TRAFFIC_IN , responseMsg )
630627
631628 if ex .code != conf .ignoreCode :
632- if ex .code == httplib .UNAUTHORIZED :
629+ if ex .code == _http_client .UNAUTHORIZED :
633630 errMsg = "not authorized, try to provide right HTTP "
634631 errMsg += "authentication type and valid credentials (%d)" % code
635632 raise SqlmapConnectionException (errMsg )
636- elif ex .code == httplib .NOT_FOUND :
633+ elif ex .code == _http_client .NOT_FOUND :
637634 if raise404 :
638635 errMsg = "page not found (%d)" % code
639636 raise SqlmapConnectionException (errMsg )
640637 else :
641638 debugMsg = "page not found (%d)" % code
642639 singleTimeLogMessage (debugMsg , logging .DEBUG )
643- elif ex .code == httplib .GATEWAY_TIMEOUT :
640+ elif ex .code == _http_client .GATEWAY_TIMEOUT :
644641 if ignoreTimeout :
645642 return None if not conf .ignoreTimeouts else "" , None , None
646643 else :
@@ -658,7 +655,7 @@ class _(dict):
658655 debugMsg = "got HTTP error code: %d (%s)" % (code , status )
659656 logger .debug (debugMsg )
660657
661- except (urllib2 . URLError , socket .error , socket .timeout , httplib .HTTPException , struct .error , binascii .Error , ProxyError , SqlmapCompressionException , WebSocketException , TypeError , ValueError , OverflowError ):
658+ except (_urllib . error . URLError , socket .error , socket .timeout , _http_client .HTTPException , struct .error , binascii .Error , ProxyError , SqlmapCompressionException , WebSocketException , TypeError , ValueError , OverflowError ):
662659 tbMsg = traceback .format_exc ()
663660
664661 if checking :
@@ -771,7 +768,7 @@ class _(dict):
771768 processResponse (page , responseHeaders , status )
772769
773770 if conn and getattr (conn , "redurl" , None ):
774- _ = urlparse .urlsplit (conn .redurl )
771+ _ = _urllib . parse .urlsplit (conn .redurl )
775772 _ = ("%s%s" % (_ .path or "/" , ("?%s" % _ .query ) if _ .query else "" ))
776773 requestMsg = re .sub (r"(\n[A-Z]+ ).+?( HTTP/\d)" , r"\g<1>%s\g<2>" % getUnicode (_ ).replace ("\\ " , "\\ \\ " ), requestMsg , 1 )
777774
@@ -1027,7 +1024,7 @@ def _adjustParameter(paramString, parameter, newValue):
10271024 token .value = "" .join (chr (int (_ )) for _ in match .group (1 ).replace (' ' , "" ).split (',' ))
10281025
10291026 if not token :
1030- if conf .csrfUrl and conf .csrfToken and conf .csrfUrl != conf .url and code == httplib .OK :
1027+ if conf .csrfUrl and conf .csrfToken and conf .csrfUrl != conf .url and code == _http_client .OK :
10311028 if headers and "text/plain" in headers .get (HTTP_HEADER .CONTENT_TYPE , "" ):
10321029 token .name = conf .csrfToken
10331030 token .value = page
@@ -1093,7 +1090,7 @@ def _randomizeParameter(paramString, randomParameter):
10931090 originals = {}
10941091
10951092 if not get and PLACE .URI in conf .parameters :
1096- query = urlparse .urlsplit (uri ).query or ""
1093+ query = _urllib . parse .urlsplit (uri ).query or ""
10971094 else :
10981095 query = None
10991096
@@ -1121,7 +1118,7 @@ def _randomizeParameter(paramString, randomParameter):
11211118
11221119 while True :
11231120 try :
1124- compiler . parse (unicodeencode (conf .evalCode .replace (';' , '\n ' )))
1121+ compile (unicodeencode (conf .evalCode .replace (';' , '\n ' )), "" , "exec" )
11251122 except SyntaxError as ex :
11261123 if ex .text :
11271124 original = replacement = ex .text .strip ()
@@ -1303,7 +1300,7 @@ def _randomizeParameter(paramString, randomParameter):
13031300
13041301 if conf .secondUrl :
13051302 page , headers , code = Connect .getPage (url = conf .secondUrl , cookie = cookie , ua = ua , silent = silent , auxHeaders = auxHeaders , response = response , raise404 = False , ignoreTimeout = timeBasedCompare , refreshing = True )
1306- elif kb .secondReq and IPS_WAF_CHECK_PAYLOAD not in urllib .unquote (value or "" ):
1303+ elif kb .secondReq and IPS_WAF_CHECK_PAYLOAD not in _urllib . parse .unquote (value or "" ):
13071304 def _ (value ):
13081305 if kb .customInjectionMark in (value or "" ):
13091306 if payload is None :
0 commit comments